 Thank you for joining us today for the Hyperledger member webinar and our in-depth with TALIS increasing cyber security for Hyperledger fabric. Very excited about our session today. Just give us one minute and we'll go ahead and get started. Okay. I'm going to go ahead and share my screen so I can walk everybody through some housekeeping. Okay. Igor, can you see my screen? Wonderful. Well, welcome everyone. Thank you for joining us for today's Hyperledger in-depth hour with Hyperledger member TALIS on increasing cyber security for Hyperledger fabric. Today, we have two distinguished speakers. We have Blair Kahnavan, who's the director of alliances and digital identity and security at TALIS. And Avesta Hojati, who is the head of R&D at DigiCert, a partner of TALIS. Today's session is our ongoing Hyperledger member community sessions to help us share and let the community know how Hyperledger technology is being used in production use cases and other innovative ways. So a couple of housekeeping activities, just a reminder that the session is being reported. And we also have to follow our antitrust policy. All Linux Foundation meetings, presentations, webinars that involve industry competitors has to follow the antitrust. If there's any question about what you should share or not share, please do raise your hand and one of the staff members will assist you. Once again, this is also being live stream. So say hello to the live stream audience that is joining us and the recording will be made available after the session. So we look forward to you also sharing that information with others in your organization. The slides will also be available for download after the session via our Hyperledger library member webinar library where you can find the video recording and the sessions as well. So a couple of other things we want to make sure that all the participants here on the webinar get the most out of the session. So if you have a question, there's multiple ways that you can communicate with the speakers. Number one is using the raise hand feature in zoom. And we can go ahead at the appropriate time and open up the audio for questions directly to the speakers today. We also will enable the ask questions box. So if you're shy and you just want to do text box Q&A, go ahead and answer the questions and myself along with the panelists will be reviewing and getting to those questions when the time permits. Last but not least, please go ahead and talk and comment in the chat room, be respectful and follow our standard guidelines, community guidelines, but please, you know, introduce yourself, let us know who is here and perhaps an interesting fact about yourselves, for example, what location you're dialing in from today. So once again, I want to thank our speakers. We have Blair Canavan who's a director of alliances at Digital Identity and Security at Thales, and also a Vesta Hjalte at head of R&D at DigiCert. Welcome. Thank you so much for taking the time today to talk about what Thales has been doing. You have been a member of the hyperledger community for many years and also have had leaders within our technical open source communities in the past. So we are looking forward to the session. Thank you very much, Danielle. I'm just going to ask the best of it come on as well there so we can have a look at his handsome face. He's a lot younger than me but boy has he done a whole lot in his much shorter career than I have but very glad to have you on board there Vesta, are you there? I am Blair, I'm sorry actually I was describing before you joined, I have disabled my camera in the kernel of the recording system, which requires me to restart and I did not do that in time so. Well, everyone's assuming that your picture is represented and I will attest to that fact it is so thanks for joining us today. Thank you for having me. Hey, let's before we kick off and thanks again Danielle for inviting us today. I'm quite excited to talk about this subject I'm not all that experienced in blockchain but I've been spending some time in this role I have at Thales in this very interesting space and the best of you and I have come to know each other just over the last little while. But our history of companies going back for me particularly and this may be some opportunity for us to, you know, just give a little introduction of what our backgrounds are. I spent a lot of time with the former digicert the Verisign days with my colleagues some of them that I'm still working with today, back in the mid 90s, and I'm very proud to say that I was one of the very first Luna, or chrysalis employees now is is owned and operated by the by the bigger and much bigger talents. We were 10 people in 1996, and safe to say we're over 80,000 employees now in 2021 so things have changed dramatically but the fundamentals still apply in those years that I spent in the cryptographic space and introducing hardware modules to this entire world, little do we know that these fundamentals still apply and they continue to affect all of our businesses today. So I'm hoping that today by the end of this conversation with you invested we can describe a little bit about how this affects the world of blockchain and how it interoperates with the specific world of hyper ledger. But before I drone on and say the last, I guess, 30 years I've been in the crypto and the security space, I'm glad to say that now in the alliances side here at TAL us working with our partners such as digicert in its newer format and bigger and better and smarter way. So I'll let you introduce yourself with us and talk a little bit about what you do with with digicert. Absolutely. Again, thanks for having me here. Very exciting times. My name is Vesta I've been part of digicert for the past five years I currently manage the R&D department at digicert, which is quite extensive. My team is in charge of doing anything from optimizing consensus protocols, she's quite related to our conversation today to work on post quantum crypto as well as automation when it comes to certificates. Another thing is worth mentioning what is it that is specifically digicert does for audience to understand its relevancy to our conversation today. Digicert is a public key infrastructure we provide basically identity for public and private trust. The public trust many of you have probably dealt with it if you have gone to a website you see the lock on top of the browsers you click on that you will see x519 certificates and those are certificates that public trusted CA such as digicert are able to issue the private portion of it mostly focuses on identity for IoT devices identity for embedded devices. Things such as code signing, and it is relevant for us as part of this conversation today to issue certificates on blockchain platforms such as hyperledger fabric. To have a more personal from my perspective, I've been introduced to blockchain since June 2011. When Bitcoin came out. I was finishing my PhD at the time at the University of Illinois, and I started mining. And as Blair and I were speaking about this, the first three bitcoins that I spent were on ordering crackers and pizzas that I wish I never did. And I would have probably bought a house with it now. You know, we only knew what investing in crypto currencies would be today and let's not get started than to to diverge too much from our conversation today but certainly a lot of the people on the call today are wondering what is the effect of crypto currency has released a blockchain but I had a really conversation with your background and you and I discussed a lot of other sidebar conversations that happened in less than 10 years. Who would have thought that we'd be at this stage and in terms of blockchain. That's a great segue to our conversation today to talk a little bit about blockchain. I know that most of the people on this phone if not everybody sorry on this call today, know what maybe let's pop into some of the slides talk a little bit about that, give a little bit of background and I'm going to make this as conversational as I possibly can. This is just an hour with TALAS this is an hour with two companies that are invested in hyperledger. And why do we partner not only within the hyperledger consortium but why are we also partners outside of this for the grand grander good or whatever that might be so I have page moving the slides for us so I apologize if you don't want to thank you very much let's talk to the next slide. Next one please. And again the best I will probably ask you some questions but let's let's start from the very beginning and really what is watching. So for those who are again brand new to this and and I'm sure there are one or two on the call today. This is an undistributed ledger reports transactions between two parties efficiently and verifiable and permanent way. It is a very trusted infrastructure a very trusted manner by which transactions can occur, but it's across decentralized networks, and using digitally signed transactions. And what you described earlier, Vesta was the use of a protocol called consensus. It is primarily for all of us, the fundamental aspect of what we're trying to protect. It's fun to say hey it's all predicted by crypto but at the base of that crypto is keys and certificates. So really what you're talking about and if you click one more time page you're talking about a blockchain that's made up not only a database. But it's also secured by design, but even blockchain, although it says cryptographically bound and fundamentally, you know, driven by its core, like with crypto, there are elements within the crypto that are absolutely essential that they protected a certain way. Vesta I know you have some thoughts on this but if you wanted to just say that sounds good to me Blair if you'd like to throw in a couple comments there that'd be great. No this, I think this is great the only thing that I will add here is majority of people understand blockchain or no blockchain generally by Bitcoin and I think that's probably the wrong mindset right distributed ledgers historically have existed for many years. What Bitcoin was able to solve here was that double spending problem and that's you know the hands on consensus protocol making sure that your consensus protocol has been said right and is able and capable of helping with this secured by design and the distribution that you're seeing today. So let's go to the next slide and I'll try and follow along on my slide deck here as well just to make sure if we lose the connection. So, blockchain has has been, in some respects, denoted as an emerging technology or something relatively new and not the entire world isn't resting within or working within the blockchain infrastructure or strata. That's not entirely true it's it's it's sitting behind the scenes and so many industries and being used and and incorporate into so much more mainstream applications on a regular basis. So for example what you're seeing here is that they're certainly emerging but by no means are they the standard by which organizations supply chain management for example in the case of manufacturing. The financial markets, the underwriting aspects of that is such that there's been some false starts in that area but because some of the larger banks are now investing heavily into the blockchain infrastructure they're underwriting this, and they're providing all the fundamentals that you would expect from what typical traditional banking would be, but now they're putting in this aspect of blockchain with these fundamentals will talk about today to provide assurance to those that are looking at, you know, sharing in or exchanging actual finances and blockchains and cells, or crypto currencies and cells. This is where you're starting to see the emergence across a lot of these industries with with more confidence. And like everything else typically when something is built, it takes time for some of the other areas to be short up a little bit more security. And we see this in almost every industry and history will show you that when we started with Digisert back in the day. They were that they were the only certification authority in the world that actually had its certificates their root keys in hardware. The only problem was those hardware devices that they had, they couldn't copy those on to backup hardware devices and that's where the Chrysalis Luna product came in that's a little history for you. It wasn't until that point in time that they were back into a corner that we provided that ability to not only move those keys into those devices, but also back those keys up accordingly across a very large large large infrastructure. Vesta I'll let you comment if there's anything in there that you'd like to tap. No, I think personally there's a great slide, you know, it talks about different use cases that blockchains able to assess with. And I think one thing is very important to understand is that depending on the use case and we see those with the bullet points illustrated under each one of these pillars are going to be different right sometimes want to make sure that everybody has access to the data. At the same time, we are able to limit the utilization of that data. Often we want to make sure that the identity of a specific individuals who are interacting, either being a data provider or being a data consumer to some sense has been protected so again. These are different portions that I think blockchain is able to help with. And the sky is is limit right there are many different use cases that we have not discovered yet. Specifically, when it comes to manufacturing when it comes to tracing a specific parts and make sure that they are coming from the right supply chain and they have not been modified throughout that process. So the integrity of the blockchain assures us or provides assurance that it is intact and that it is legit and I know that there's a lot of back room buzz that blockchain has. There is is used from the various reasons by, you know, state actors and so on. Any thoughts on that, the best in your experience and how you would respond to that comment. Absolutely, I think this is an area that we have seen many compromises in the past. Many of us are familiar with the hardware hacks chips that's being manufactured in a different country. Coming over here United States and being compromised. And I think this is one area that the traceability portion of blockchain as well as the auditability. So we're going to assess with solving this specific problem of depending on the platform of blockchain that you have either being public private or a hybrid model. Both of them are able to assess with the supply chain traceability use case but what matters here is to be able to minimize the risk when you're considering a non OEM device or considering a specific process that previously we have agreed on, but at the end of the day that process has been compromised again by nation actors or being large supported number of attackers. So I think that to your point and this is really where it comes to the the actual essence of what us as security providers are doing is we're taking a proactive approach to this, as opposed to figuring out what's wrong and fixing it when it's when it's broken. That's not an approach that is to is that is acceptable in these types of environments. You can't just wing it. In your in your context of experiencing this over the last 10 years, and your PhD work I'm sure you saw all sorts of gaps and holes and things that needed to be filled. I think that's where the power of our organizations coming together and looking at these things as as again. Objectively as we possibly can has demonstrated that this is being taken seriously and this is being adopted and big talus for those of them don't understand who talus is an organization is an 80,000 person multi national organization. We have 20 billion euros in business that builds everything from satellites in space to onboard in flight infotainment systems for the dreamliners to defense rail systems. Our business digital identity and security is very much a part of all of those businesses and blockchain is being moved into all of our businesses. And we provide with our what's called talus six systems integration capabilities, we will actually provide solutions in blockchain. And if you go to our website you'll find all sorts of examples of that specific what you said the best in the supply chain, especially the manufacturing and enlarge banking organizations, having talus as part of that gives great comfort that a large organization with this much presence in the world and no different from digester that's been putting that little lock in your browser since the beginning of time. These organizations give these companies great comfort. So let's go to the next slide because I think this is a great opportunity to talk about adoption, good segue, I'm going to let you talk a little bit to this slide of us I know we didn't rehearse this if anybody's wondering this is just us having a conversation if you want to pass it back to me by all means but I thought that you all people would have seen the growth in the enterprise adoption so let you speak to this slide. Definitely. So, again, we have not talked about this slide so I'm quickly trying to digest this but I'm going to go ahead and touch on my own personal interaction with blockchain when you started in 2011. In the case here being Bitcoin and looking back at 2011 when I started personally mining at $27 per block. We never thought that there will be many other use cases that are going to take advantage of the underneath technology, but looking at this time that basically is going to grow rapidly from 2017 here to 2021. I think what we are realizing and you touched on this clearly Blair, that the concept of security by design, to some extent could be achieved by utilizing the blockchain technology. Obviously at these years there and from the Talos perspective you're providing components that is able to assist with this large escape deployment, but it's very clear that the market that you're looking at, and the players that we have here you know the 100 companies from all different segments, logistics supply chain and healthcare are moving from what before was a proof of concept to now being a product that they're able to utilize and essentially achieving number of things. One is efficiency in the process that they're doing and that efficiency by itself could be achieved from number of different elements again the auditability and traceability that blockchain provides. In addition to that not only efficiency they're providing a platform that is extensible that they're able to add other bells and vessels to it in order for them to expand their infrastructure and make sure that expansion happens not at the cost of security, but it happens from security and usability going hand in hand again if I look at this 10 years from now and taking this figure from 2021 to 2031 I can look at it from a perspective of how many other use cases are you able to solve and what would be the target accessible market that those use cases are basically targeting assets. So let me ask you a question a loaded question. If you have the opportunity to purchase something using Bitcoin, would you do that today. I already have. It's interesting actually. I switched my phone every year for security reasons and obviously for technology perspective, and I was going through some pictures and in 2018 I was in Japan and they had a sign that the store receives Bitcoin and this was a grocery store. So I went online to find this store and is a completely Japanese store so I had to use translation, and I saw from 2018 where they were taking Bitcoin in person they have moved to take Bitcoin actually on their website. So now they will give you an address if you want to buy anything you're able to utilize Bitcoin or other type of cryptocurrencies such as Zcash and pay for for the item that you're acquiring. I think the function of utilizing Bitcoin or other cryptocurrencies is not the question here. The question is what would I achieve by utilizing this type of cryptocurrency. Is the fact that moving my wallet and utilizing my wallet easier than using my credit card number that I'm sure all of us have memorized by now because of how much purchase we do online. It's a matter of security because I want to stay anonymous if I buy certain things online. So these are the specific personas that each individual has to ask an answer for themselves and come to the conclusion that using Bitcoin or other cryptocurrencies is the right things for them to do. Right. I appreciate that I know you have an upcoming vehicle purchase I won't go into it, but if you want to tell me offline that you you purchase that using any of your cryptocurrencies I want to know. So let's go to the next slide because I think this is also we're getting to the player player before we go over to the I raised my hand and I encourage as well and ask any questions that they have. But before we go to the next slide, if you can go back one of the things that third bullet item about the move from R&D to production so we had a very interesting conversation a couple of weeks ago about the fact that you know many of these enterprise blockchain projects have been in the R&D and the POC stages for a long time and really as you see issues and the questions around security, right, that it comes into when these networks are starting to move into production so I would love to maybe hear a little bit more and maybe you have some of these in later slides feedback from you and Avesta on that specific. When do you start seeing people saying hey security something that needs to be addressed before we go into production with these networks. Right, that's a great and I best has a lot more detail but I'll give you a firsthand account of a number of opportunities that we've been working with over the past 24 months. And there's an essential demand to build these these applications within the blockchain and hyper ledger fabric for for obvious reasons, what was missing it could be as simple as, for example, an AES signing mechanism that's not fully supported for example the HSM at this particular time they don't, in other words, they don't want to compromise what they could have or have traditionally built in previous platforms, especially in the financial circles. And they do not want to compromise on a regulatory point of view on any of those things. So there's a bit of a catch up this is our experiences there's a bit of been a bit of a catch up for some of our technologies. Not just ours but others to all work together and this is the beauty of integrating with the likes of Digisert is that we've been working together for over 25 years. And we have to stay in step to move these into production so there's been a lot of like the like you see here. What we see is of course the death of many because sometimes they just never get off the ground, but we are seeing at a fairly breakneck pace. As an example, one of the cryptocurrency exchanges being built in Eastern Europe that we're involved with actually started at the bottom in SS in essence and saying, we're building foundationally something that we, we understand from what we did in the say large value transaction system, or our currency, traditional other currency exchanges. How do we do that from a cryptocurrency exchange point of view. Well they want to build that a completely based on hyper ledger, the fundamentals that tallow springs to the to the table. And then of course the application companies the likes of Oracle IBM Tata consulting the big enterprise players that understand how to build large scale trusted government regulated and regulated within the industry. This is what we're starting to see is that they're really starting to take hold. Some of them are in production as you'll see as I mentioned earlier you can go to some of our use cases on our website and I'll let a Vesta respond from his perspective. Yeah, I think you touched on very great points Blair to specific elements that are shining one is regulations and compliance here right majority of these POCs are being conducted in in controlled environments right they're not in production they're not dealing with less API I this is personal identifying information for for users. They're not really dealing with financial aspects. So once moving from R&D to production, and that bridge for majority of these use cases at least for the ones that we have seen in our, in our companies that we have helped our customers with our have to deal with regulations. The other portion of this is and I compare this really to PKI. If you look at in 90s 2000s and now in 2021, many kept asking what problem does PKI solve. Today, it's seamless. It's not a, it's not a problem that it's solved the lack of not having a proper PKI in place actually becomes a problem. And I will consider the same perhaps is going to apply to blockchain. Once those developers researchers, product managers are identifying that there are more problems that blockchain is able to solve for him in comparison to writing the requirements and spending time of bringing this infrastructure up. So in the next few years and as we have seen in the past year specifically where we dealt with a pandemic and staying more people are actually utilizing distributed platforms that more POCs are going to make their ways into production environments and bringing their values to the to the end user. Absolutely. Absolutely. Thanks. So let's get to the next slides because I want to really get to the meat and the sandwich which is the use of PKI and how you and did just provide that capability. So let's go to the next slide which should pretty much just let's wrap up the whole aspect of where we are in terms of accessibility and as you described moving from POC to production. This is what a lot of people live and die by is the Gartner Heitz cycle. Or in some of the Jeffrey Moore aspect that that trough of disillusionment disillusionment if you're familiar with that, where we saw blockchain primarily if you can see in that tiny font. You'll find it about halfway up the curve. But when you move to and if you click through to the next bullet for me page, you'll actually start to see that the maturity based on, again, Gartner in 2025, which not too far away from here and that we click on the final box here. You're starting to see that, you know what, by 2023, $2 trillion worth of goods annually. I think that's well under. And of us, I'll leave you to speak to this and tell me your thoughts on the height curve or where you see, I know we've covered a little bit in our previous, you know, couple minutes. But if you have any thoughts on this, I'd love to hear it. Absolutely. I mean, this has been one of the biggest drivers for us when it comes to use cases supply chain supply chain. And the reason for that is supply chain is a distributed model as its core. And this is something that again, a properly designed, developed and deployed blockchain platform is going to assist with. You know, I mean if you look at the latest Gartner report that that you have here. I think, not even by 2023, but if you look at, I usually like to look at it from five and 10 years plans. We can look at this market by itself to be so expensive, so expandable that the lack of having the traceability and traceability that blockchain provides for goods and services. It's going to probably be double the number that you're seeing here in a case that if you don't have it you're actually losing revenue and customers and obviously you're not able to expand your services. I agree wholeheartedly and like you said, 10 years in this space I know maybe it feels like 100 to you but 30 years in the crypto space, it does feel like 200 years. Let's go to the next slide which is just to capture again why we're chatting here together we're long standing partners Avesta. When I mentioned, again, my career starting through 32 years ago, I think that's a couple years before you were born. The speed of things that have progressed is staggering, yet some of the fundamentals still are still there. Like I said the beginnings of the verisign days and the fundamentals of public key infrastructure. The quiet, silent infrastructure by which we all commerce electronically lives and eats and greets but you'll see here as this is related to the case study that we just did with you and hyper ledger Avesta. It talks about the value proposition and the fact that you need to build these things with all those core fundamentals but at what cost and how much time and is it really really difficult to do. Well, it was a lot more difficult to do this in the past having crypto people just hanging around was was something not any company just had had them, you know, hanging around in the hallways. We've had to rely on so many of these people that had that deep crypto expertise, but what you're starting to see now is you're moving this into the cloud you're digitally transforming everything in your business. And, of course, blockchain is is no exception. So, one of the things that we're seeing as an organization is a lot of our customers have not just completely shifted to the cloud, but they're providing based on the application use case the means to get there or the means to use a hybrid approach. So, all of those things again must have that level of trust and certificate management and assurance and that's where did a certain talents come together that you might not think about it but what keeps people up at night from an IT or from a fundamental crypto or security or SISO or anybody in those roles and responsibilities is if any of those things are compromised. The entire blockchain is dead. And that's where we would like to to make sure that when you're building these things are thinking about these things for the dev sec ops point of view that we're making things much easier to to embed into your applications, we're making it much more cloud savvy and cloud easy. I just wanted to, to, again, that the hyper ledger digitalist relationship provides that the means to do those things so that's all that you you clear up what I might have said if I mistakenly said anything that doesn't apply. No, no, those were all on point one thing I want to mention is, as much as it is important to utilize blockchain for certain use cases I think the vast majority of focus should be on properly designing this platform. And that's where this alliance between hyper ledger DG cert and talus is very important. From the perspective of hyper ledger, and I've been around this project for a while, hyper ledger fabric, being an open source code has many advantages. Others are able to look at it. I often look at the pool request and get hub, and I see many activities that are pushing this platform specifically again hyper ledger fabric that I have dealt with to to be not only capable but be able to look at it for for enterprise use cases from talus and digital perspective the same scenario right it's, if you're not able to secure your public and private keys, if you're not able to have those keys properly managed with in compliant HSM doesn't really matter if you have a stable blockchain platform or no you're still at the risk of being compromised. If you have a proper management for your certificates if you're deciding to have each certificate to be issued for a specific transactions make sure that the notes were part of this platform or properly validated and vetted, then again you're at the risk of weakness where the identities are at the risk of being compromised so overall if you look at it this alliance by itself provides all three different factors from the platform to components to the identity of the individuals who are going to utilize these these services. Excellent. And there's an aspect that I'm sure a lot of people will think about which is the right to left thinking which is when we want to deliver this service of this application. When we move back to the left, our starting point is often a lot sooner or a lot earlier than you think you can't leave things to the last minute and one of the things that we've experienced all of us in this industry is, let's build it and they shall come and then we'll fix those problems later. This is not one of those circumstances where you can do that. All these fundamentals and best practices. All of these things cannot be have to be legitimately concerned and they have to be built into your project plan. That being said, a lot of this is encapsulated into standard operating procedures that digester provides that tells provides the hyper ledger all of us and that brings me to the next slide here page, you could move forward, which is talking about there's a lot of available information about the integration guide itself or integration died talks about how we work with one dot four dot six for example, you might not care about version control, but from an open source point of view, we have to be in step. And the same thing applies to the oracles the IBM's the digicerts, we all support the same common source. What we've done here is this is probably more of a takeaway but these are things that you can find very easily on our website under the blockchain just type, you know, TALIS blockchain and you'll get to all of these things which is a leave behind after the presentation today. And then the last one of course not least is our most current to click one more time page, it'll bring up the TALIS and digicert case study that we've just completed. So if that's his input and soul case from our CTO office, I think you'll find this a really good read really simple really high level, but I think it's worth the mention that you take a look at this and again all of these things are available, not only in the hyper ledger website but you can just Google these with any of the names that you see here if you're just like me and that's easy to find stuff these days. Next slide and this is where I'm going to get Panda, the baton or to you invest it because this is your core competence and, and like I said I've been in TKI now for 25 years and lots the same but lots changing for the good so why don't I kick this off and I'm just looking at our time we have about 20 minutes left I believe Daniela so if you'll hold us to that, I'm going to probably jump in here as as needed but the best of this is for you. I think generally the way that I try to describe PKI and my audience often will be I need to be able to describe PKI to my grandma. That's how often she asks, you know, what is PKI and where do you work. And what I describe is you use it without knowing that and obviously to be relevant to blockchain the goal essentially will be the same thing you're utilizing the platform without knowing what the platform is or without all the hassles that goes around. Pushing and implementing the platform, but what is generally PKI public infrastructure by itself is a security standard that allows you to elevate the methods that are being using for authenticating the identity of users. Devices and in cases organizations best example of this is every time that you log into a website from your browser or from your phone, there needs to be a secure socket layer or SSL certificate that shows where this bank has been established and the identity of that bank has been valid. PKI by itself enables verification of the integrity of documents and communications in this case being code signing as an example. Every time your device receives a new update or your IT device receives a new firmware update. It is not mandatory but is preferred to receive that updates from a secure source, which often here being the manufacturer and code signing has that capability. It allows that firmware update to be cryptographically signed. Once your device receives that, if it sees a proper signature, then it will go ahead and deploy that update. Finally, PKI by itself requires a robust platform for digital certificates where you're able to manage the identities. And as part of these robust platform, you need to have what is known as hardware security modules or SSMs that provide that anchor of the root of trust. Next slide. So how do customers utilize PKI? And this slide has been quite frankly simplified. That's the fact that there are many, many different use cases that PKI is being used in and is able to help with assisting solving the problems that already exist. But let's start from the top left corner and go around. One specific use case is the managed services that PKI provides for enterprises for authentication. The use case here will be public or private trust. We already talked about public trust being certificates installed on websites, private trust by itself. It could be internal use cases. It could be servers that they need to be authenticated to internal servers where you don't really want to utilize using my password where PKI becomes more secure. You can think about fully managed PKI where customers are able to receive certificates for an application that they have built or they have Kubernetes and CICD pipelines that I want to make sure that every single built receives the certificate on top of the application for the web server that can utilize the certificate in the production environment. Moving on to the next pillar. These are capabilities that PKI provides for distributed environments. Three specific capabilities that PKI provides for distributed ledgers is key sovereignty, data sovereignty and local resources. And this in the case of hyperledger fabric becomes quite important. By default hyperledger fabric does get shipped out with fabric CA, fabric certificate authority, and for some use cases that might be completely sufficient. For other use cases where you require an enterprise layer of security and management, this is where a managed PKI such as what Digicert provides, it's going to be essential, especially because the volume of the sign transactions that you're dealing with are quite high. You would rather have reporting or you just want to make sure that the overall management is in place. It is also important to understand that HSMs are playing a pretty big role here. This is where we have the 100% integration with TALIS HSMs and you're capable of the storing private keys in very specific workflows in these HSMs given the environment that you have deployed your application in. Government trusted electronic signature workflows are also important. They have seen a very big rise of PKI being utilized specifically in Europe with AIDAS standards. This is where you want to make sure that you also again have that key sovereignty, data sovereignty and local resources that are capable of helping you with document signing. I think we saw an extensive utilization of this given the pandemic where users are staying at home, they will rather utilize remote notaries and they would like to receive those electronic signatures with a very high confidence. Finally, there are government programs that require the highest level of security. They require the application here being a managed PKI for example or service provider to be located within a specific countries, example again here being Europe. This is where customers are able to have that customer managed in-country or on-prem deployment of the solution that we have developed in conjunction with TALIS. Next slide. What are the key components of PKI? I think it's very important to understand the specific components that are important to have a proper PKI in place and these are only some of those components. Obviously, there are more but these are the most important ones. First and foremost is a certificate authority. This is an entity that stores issues and signs the digital certificates. DGCERD is a publicly trusted certificate authority meaning it's able to issue publicly trusted certificates for example again being websites. But also we are able to issue certificates for private trust where it has less elements of compliance and is being overseen by different governing bodies but it doesn't require to have all those sophisticated compliance rules being issued by CA browser forum or the CAP form. Registration authority. This is where the verification of identity of entities in order to receive a digital certificate is being held. This is again where DGCERD does have a wing that allows for us to validate organizations. Anything from LLCs to government organizations to even individuals to make sure that the entity or individual who has requested a certificate has gone through a proper validation. Central directory. This is a secure location in which we are able to store keys and indexes. In this case again HSM will be playing that role. Certificate management systems. This is the PKI processes ensuring that the policies specifically are being enforced to store certificates and allows the delivery of those certificates. And finally there are certificate policies where are defining the PKI's requirement considering a specific procedures which allows other auditing bodies to audit the trustworthiness of PKI. An example of this is every time that you want to create a root certificate you have to go through a key ceremony and that key ceremony by itself is a procedure that needs to be properly conducted but also should allow for auditors to audit the whole process. Next slide please. On that one note just talking a little bit about the root ceremony just as a side here for interest more so and I know you've got a whole another slide here to go through. Just just to put the context of how important that root key is. For those that recall there was a time when root keys specifically with the likes of DGCERD or ASSIGN and trust and others. Had to protect that at all costs and just to put in context of how valuable some of those were thought consulting if you recall back in the day of ASSA. Sold their company for $500 million for a root key. And Mark thought actually took some of that money and paid for a two way ticket luckily to space with Russian cosmonauts. But I met him a few years later and little did he know that having the root of all things and how important that would be would be worth $500 million over 20 years ago. So that kind of puts you in the sense that why we take this so seriously is that if any of those things are compromised what the actual value it's indescribable at this point in time. So I'll let you continue on with your the use cases and finish up here I think we're doing pretty good for time. Sounds great. Just one addition to what you mentioned again as this is more relevant maybe to blockchain and I'm just trying to connect this to I wouldn't call it the real word but for vast majority of the audience here that might have dealt with this as the securing your wallet right, especially around cryptocurrencies we have heard this from number of different perspective that you want to make sure that you properly do secure your tokens and wallets and your private keys. Now we have to think about this as a very, very larger scale when you're dealing with not only billions of dollars but with very sensitive information, where the root of trust needs to have that hardware component of it this is what towers provides. So basically the process and procedures and the applications that are able to generate those private keys and properly moving them to SSM and that's that's what did you said provides. So if you look at it the scale is completely different. But from the perspective of an enterprise and the partnership that we have with Dallas, I would say we have done this so many times that at this point for us is seamless, but for an outsider this is a very complex procedure and process that needs to be followed. Back to PKI use cases. There are many, many different use cases that PKI supports and I'm just going to go through some of this logos here because this provides a little bit more kind of visual for for the audience. One is securing devices. If you have an smartphone if you have it devices. Even if you have embedded devices example of embedded devices being vending machines. All of these devices are utilizing PKI and a specific certificates. The example for mobile devices are the utilize certificates for the applications that they have in a stall. Make sure that those applications are being issued from a properly trusted source this is where code signing comes into play. We also utilize certificates or client certificates for sometimes logging into Wi-Fi networks or having an enterprise environment running on that specific phone. Also secure emails is another component that PKI is able to assess but unfortunately we haven't seen in the public sector for the publicly trusted for secure emails we utilize so much but in the enterprise level. The majority of companies are utilizing this which companies known as SMIME certificates where the sender of an email receives a certificate and every time they send an email, a certificate will be attached to that email showing that the proper source of that. There are a number of different use cases here. Another one that I will probably have attached and will be secure documents. This is where you want to make sure that a document especially let's say a notary document or a document that requires a signature is being signed by an individual has not been tampered throughout the signature process and the time and this is where document signing is extremely important. From our partnership with TALIS, the user is able to support on-premises deployment as well as cloud deployment where we are able to utilize TALIS LUNA HSM under cloud or on-premises and both of these are providing corner cases being supported by our solution for many different customers. Next slide please. This is a PKI solution specifically and in very short looks at five different colors. One will be the enterprise PKI. Again, this is where we are providing that a strong authentication and encryption for data in transit through a unified platform for devices. IoT devices. This is an extremely big market for all of us and when I say market I look at it as mostly a problem because many IoT devices out there are insecure. Especially now that they're making their ways into our homes having baby monitors, having sensors that different segments are utilizing and this is somewhere that they have a very concrete solution in place with the help of TALIS. You're able to authenticate, encrypt and make sure the integrity for all connected devices are being guaranteed. Blockchain is another area that we heavily discussed about today. This is where we have an integration to hyperledger fabric. We provide the management layer where TALIS does provide the support for securing the private keys. We talked about document signing and finally the TLS and SSL where we provide global certificate control, visibility and solution scalability for interrupt businesses such as financial sector. Logging into your Facebook, Instagram, social media, whatever that sector might be that requires the organization who can afford downtime. Next slide. Thanks, Hugh Blair. Awesome. Thank you so much, Avesta. I know we've got a few minutes left here for some questions and I see some in the chat. Danielle, I can let you tee this up as we wrap up what I hoped it was an informative session. I've certainly enjoyed my time with Avesta. I know we're going to spend more time talking about ourselves after the call but for those who are looking at something that they need to consider, this is something I hope is within your purview. So go ahead, Danielle. Wonderful. And it's just so great to see these types of partnerships in the market within the hyperledger community. As Avesta said, DigiSERD has been a member of hyperledger and the contributor for, since the start, was it Avesta in 2015, 2016, right when the project started? Right. And it's just fantastic to see as these markets develop and as in the case of what we were discussing today, hyperledger fabric is being used in these production networks that it is creating a lot of these partnering and business opportunities for those of you in the community. So I know there's a couple of questions I just want to remind everyone on the line. If you want to submit a question, you can raise your hand and I'll go ahead and promote you to voice or you can add it in chat or the Q&A. Blair, I see a question specific from Badar Bajal, who is the CTO of MChain from Morocco. He apologizes for not being able to ask the question via audio because he has mic issues. Do TALUS and DigiSERD provide any self-sovereign identity or decentralized PKI solutions or ongoing projects? I'm going to let Avesta take a kick at that one first because I know that there's an aspect of, I'm just going to let Avesta respond first. Finally, I think self-sovereign identity by itself will be an interesting topic, especially since, you know, this is part of hyperledger. Hyperledger and me, for example, by itself has been quite an interesting project and I think that's where self-sovereign identity plays a big role. There are a number of different providers out there, but specifically from our perspective, self-sovereign identity is something that requires some of those corner cases when it comes to regulations and compliance to be solved before we'll be able to actually expand on that. In addition to that, I think the second part of the question is decentralized PKI solutions. We certainly do have a project that we are discovering more capabilities of decentralized PKI and the use cases that is able to solve. I think it's very important to understand that if something works today and it works with the highest level of security, what would be a requirement for developing something on top of that where there are many unknowns, right? And this comes down to the decentralized PKI. If you look at it, managing keys, managing the applications from the PKI perspective has been around for the past 20 years. And continuously with the help of Talus, we are trying to evolve this process, but also looking at something such as decentralized PKI is definitely going to be on our roadmap, which again, it is today, but it's mostly as part of our R&D than being a product. And I think that speaks to the cloud offering that Digisert One and others are building the PKI service and so on is right, I assume Vesta. That is correct. So take a look at our website and I take a knee on that one because Vesta has a much better broader respect to that, but in terms of federated PKI and other aspects of that, we're certainly seeing the PKI things on the identity side, emerging and growing at an unbelievable pace and rate from life cycle management of IoT devices. Where do those certificates reside? Where do those keys reside? All those things are elemental to decentralized PKI as I understand it. And I might be way off topic, I hope not Vesta, but I'm a generalist at best in this particular area. Is there any other questions, Daniela, that we need to answer? Yeah, I don't see any questions. So if people do have additional questions or would like to get in touch with both of you, how would they go about doing that? So we have, I don't know if we've put that in the chat or on any of the slides, but if I forgive me, I'll ask Paige to type in our email addresses in the chat there. Again, I'm responsible for the alliances. I'm one of many that respectfully manages over 400 of our alliances, which Digisert is one of our key partners. I know that sounds a little trite. It's actually effectively one of our key partners for over 20 years, and we're building our business with them. And I manage with my colleagues that relationship. So you can always reach out to me. We have a field organization that scatters the globe. We operate in almost every country. Not like Digisert. We're a little bit bigger, but in terms of our scope, we're well in the same bucket. So please just send us an email and we'll respond accordingly. We'll generally get back to you within 24 hours. Wonderful. So once again, a Vesta Blair, thank you for all your contributions that you've done to the hyperledic community for sharing some of this work today. And I encourage everyone to reach out to both of them and their organizations to learn more and get engaged as well. So thank you again. And as I started off with this is our, you know, bi-monthly and sometimes this month we actually have four different sessions with our hyperledic members in depth sessions. The next one will be on September 22nd with Mindtree, where there will be discussing many of their use cases using hyperledic technologies in the marketplace. And after will be on September 28th, which is going to be a hyperledger project focused one on hyperledger Bezu, where Palm NFT Studio is going to be speaking about the Palm sidechain. And this is, Palm NFT is actually the organization behind the recent Damien Hearst currency art project and its NFT project, as well as Space Jam, and that uses utilizes hyperledger Bezu so we're very excited about that session. But please do visit hyperledgerevents.org for additional information. We have a lot of great content including the content from our summer global forum, where there were hundreds of sessions and production use cases that were shared in the community, so I encourage you to view those on demand, as you see fit. We are an open source community so please get involved, join our hyperledger projects, our working groups and our special interest groups based on your interest, and where you'll be able to see participation and contribution to the project. So once again, thank you very much to Thales and Digicert for today's session. Thank you all for watching and participating, and we look forward to seeing you in the next event, as well as in our community. So for that, thank you all. Have a great day. Thanks. Thank you everybody. We'll go ahead and stop the recording. Thanks for watching.